Official Toxic Discussion

Official discussion thread for Toxic. Please do not post any spoilers or big hints.

Comments

  • Great challenge!! Really useful to familiarized with common web vulnerabilities. Feel free to ask for a hint

  • hint please, first challenge :disappointed:

  • Can i also have a hint :(

  • Lovely challenge! A bit different from common web vulnerabilities (especially with the added randomness), so the extra challenge was a good learning experience.

  • Type your comment> @Sirbot said:

    Can i also have a hint :(

    @alketsh said:
    hint please, first challenge :disappointed:

    you have a source code ;)

  • edited May 2

    I want to say this is a pretty nice challenge especially the second part ;)
    pm me for nudge

  • did it after help from @7Rocky :smiley: :

  • Can someone can give me a hint on how to hadle the randomness ? I tried with bruteforcing it but wasn't effective....

  • edited May 3

    Type your comment> @TheEmix said:

    Can someone can give me a hint on how to hadle the randomness ? I tried with bruteforcing it but wasn't effective....

    You need to upgrade your Low Floor Industrializer to a Really Cooperative Experience. The challenge name sort of relates to the technique. If it's not toxic nor venomous, what could it be?

    Hack The Box

  • Nice hint :lol:

  • I went a bit too quick into the exercise without realizing that the name of the flag is NOT just /flag so don't do the same mistake...

    lebutter
    eCPPT | OSCP

  • Can someone give me a hint? I am new at this.

  • edited May 4

    Can someone explain to me what tr -dc 'a-zA-Z0-9' means? I know it might have nothing to do with solving the challenge, but I just want to understand.

  • @Eren said:
    Can someone explain to me what tr -dc 'a-zA-Z0-9' means? I know it might have nothing to do with solving the challenge, but I just want to understand.

    tr translates one set of characters to another set of characters. For example echo hackthebox | tr 'a-z' 'A-Z' would output HACKTHEBOX. The -d flag deletes a set of characters and the -c flag inverts the set so tr -dc 'a-zA-Z0-9' would delete any character that isn't a letter or a number. For example echo 'h&ck+th3B%x' | tr -dc 'a-zA-Z0-9' would output hckth3Bx.

    FWIW I didn't need this to complete this challenge but it's good one to know about. You can find out more with man tr.

  • Type your comment> @ily said:

    @Eren said:
    Can someone explain to me what tr -dc 'a-zA-Z0-9' means? I know it might have nothing to do with solving the challenge, but I just want to understand.

    tr translates one set of characters to another set of characters. For example echo hackthebox | tr 'a-z' 'A-Z' would output HACKTHEBOX. The -d flag deletes a set of characters and the -c flag inverts the set so tr -dc 'a-zA-Z0-9' would delete any character that isn't a letter or a number. For example echo 'h&ck+th3B%x' | tr -dc 'a-zA-Z0-9' would output hckth3Bx.

    FWIW I didn't need this to complete this challenge but it's good one to know about. You can find out more with man tr.

    Thank you very much. I understand it.

Sign In to comment.